In recent years, merchandise sales have been actively promoted through a network, such as the Internet, and thus many users purchase various types of merchandise with smartphones or PCs.
Meanwhile, an Internet distributor has amassed merchandise-purchase history data indicating what sorts of users have purchased what types of merchandise.
The Internet distributor can perform processing of providing specific users with mail recommending specific merchandise or advertising for the specific merchandise on the basis of the amassed data, to promote the purchase of merchandise.
The Internet distributor retains, for example, data including a user ID being identification information regarding a user who has purchased merchandise, associated with identification information regarding the merchandise purchased by the user (merchandise ID). Furthermore, processing of acquiring and analyzing user profile data including, for example, the gender, age, and residence of the user may be performed.
However, such user merchandise-purchase history data includes personal information regarding each user, and thus is undesirable to release. That is, the user merchandise purchase history data is secure data subject to restriction of release, and thus is typically not allowed to be provided to another person without consent of each user.
However, there is a trend toward practically using respective different pieces of individually amassed secure data retained by many different Internet distributors, in cooperation with, for example, user ID or merchandise ID among different companies.
That is, there is a trend toward integrating and analyzing, for example, respective customer profiles and purchase histories individually amassed by the companies to use analyzed data for merchandise sales promotion, such as user targeted advertising.
Integration and analysis of respective individual databases retained by the companies enable merchandise sales or advertising provision to be more effective.
Furthermore, an attempt has been made to provide each-user-oriented optimum advertising or information, with integration of, for example, browsing history information regarding various advertisements and broadcast-program viewing history information in addition to the user merchandise-purchase history information.
However, as described above, the data retained by each company is often the secure data subject to restriction of release, such as the user merchandise-purchase history information, and thus there is a problem that the respective pieces of secure data retained by the companies are difficult to allow to be mutually provided and analyzed.
In recent years, various types of study have been made for a technology of analyzing the association between data, such as the correlation or similarity between secure data, without disclosing the secure data mutually, as a technology to solve the problem.
For example, there is provided a technique of analyzing the association between secure data with concealed data, such as encrypted data or converted data of the secure data.
Note that computation processing to be performed with the concealed data of the original data such as the encrypted data or converted data of the secure data is referred to as secret computation or secure computation.
For example, Patent Document 1 (JP 2008-521025 A) discloses a configuration of acquiring an indicator of the similarity between two pieces of data, with secure computation. Specifically, a configuration of the inner product of the two pieces of data with the secure computation to calculate the Hamming distance between the two pieces of data, as an index value in similarity, has been disclosed.
The present document discloses, as a specific inner-product calculation method with the secure computation, a method of encrypting input data with application of homomorphic encryption and performing homomorphic addition or multiplication to the encrypted data.
However, because it takes time for the homomorphic encryption being public key cryptography to encrypt the data, treatment of an enormous amount of data increases in computational complexity, and thus there is a problem that a computation device increases in load or in processing time. In addition, a cryptogram itself is large in size, and thus there is a problem that the traffic increases.
Furthermore, Patent Document 2 (JP 2014-206696 A) discloses a configuration of calculating, in a case where a plurality of organizations retains two different pieces of secure data to be concealed in the organizations, the inner product of the two pieces of secure data in a small amount of computational complexity.
The configuration disclosed in Patent Document 2 achieves a reduction in time in data concealment processing or the inner-product computation applied with concealed data.
However, the disclosed technique needs three independent computing machines that perform secure computation, and thus there is a problem that upsizing of a computational resource and high cost are inevitable.